Mautic Community Forums

403 Forbidden Form error

Each time I submit a form that is inside a landing page I get a 403 Forbidden.



Failed to load resource: the server responded with a status of 403 (Forbidden)



Our mautic is installed in a digital ocean VPS (apache).

I’ve used the following line in htcaccess in an attempt to provide origin permissions:



Header set Access-Control-Allow-Origin “*”



The error remains there anyway. Can anyone provide any advice? Thank you.

Each time I submit a form that is inside a landing page I get a 403 Forbidden.

Failed to load resource: the server responded with a status of 403 (Forbidden)

Our mautic is installed in a digital ocean VPS (apache).
I’ve used the following line in htcaccess in an attempt to provide origin permissions:

Header set Access-Control-Allow-Origin “*”

The error remains there anyway. Can anyone provide any advice? Thank you.

I have a possibly related issue: I’m getting a 403 error on the Mautic tracking pixel in Chrome’s console. I checked the folder permissions, and it seems fine.

Update:
Have a look here for more information on this - http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work

I ended up adding this to .htaccess in my mautic folder:

Header set Access-Control-Allow-Origin http:// mysite .com Header set Access-Control-Allow-Credentials true Header set Access-Control-Allow-Methods: GET, POST, PATCH, PUT, OPTIONS Header set Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token

N.B. replace mysite .com with your site name, or use the line you used in your initial post.

EDIT: Ok, this method has caused normal mautic use to return a 500 error. I’ll keep working on it.

In my case the problem was that depending on the type of form you use, Mautic sets the action="//yourmautic…" instead of placing the mautic url with the full protocol.
As my Mautic has HTTPS and the site I was trying to install the form modal doesn’t has https, Mautic tried to make a 302 redirect with the POST data, but it becames a GET request which doesn’t work.

The easiest solution in my case was install a let’s encrypt certificate on the site I was trying to install the form. :open_mouth: